NYT: NSA Secretly Accessed Thousands of Computers Globally

The National Security Agency – already under fire for its bulk phone data mining --
has implanted James Bond-like software in nearly 100,000 computers around the globe to spy on them, and pave a digital path to launch cyberattacks, The New York Times reported Tuesday.

Most of the super-spyware is inserted through computer networks, but the NSA has increasingly used secret technology to penetrate computers that aren’t connected to the Internet, allowing the agency to enter and alter data, The Times reported.

The high-tech radio frequency technology has been used by the agency since 2008, the report said, letting U.S. spy agencies crack into previously impervious computers of friends and foes alike.

And its hardware is pure James Bond -- including a device called Cottonmouth I that looks like a normal USB plug but has a tiny transceiver buried in it.

“What’s new here is the scale and the sophistication of the intelligence agency’s ability to get into computers and networks to which no one has ever had access before,” James Andrew Lewis, the cybersecurity expert at the Center for Strategic and International Studies in Washington, told The Times.

“Some of these capabilities have been around for a while, but the combination of learning how to penetrate systems to insert software and learning how to do that using radio frequencies has given the U.S. a window it’s never had before.”

Among the most frequent targets of the code-named Quantum program have been the Chinese Army, which the United States has accused of launching digital probes and attacks on American industrial and military targets to steal secrets or information, The Times reported.

But Quantum has also been implanted into Russian military networks and systems used by the Mexican police and drug cartels, trade institutions inside the European Union, and sometime partners against terrorism like Saudi Arabia, India and Pakistan, The Times reported.

The NSA even has a map of “computer network exploitation,” The Times said.

There’s no evidence the spyware or radio frequency technology has been used inside the United States, The Times said; most of the implants are intended for surveillance and provide an early warning system for cyberattacks aimed at the United States.

“How do you ensure that Cyber Command people” are able to look at “those that are attacking us?” one official told The Times, comparing the spying to submarine warfare.

“That is what the submarines do all the time. They track the adversary submarines.” In cyberspace, he said, the United States tries “to silently track the adversaries while they’re trying to silently track you.”

The NSA defended its spy “activities.”

“NSA’s activities are focused and specifically deployed against — and only against — valid foreign intelligence targets in response to intelligence requirements,” Vanee Vines, an agency spokeswoman, said in a statement.

“We do not use foreign intelligence capabilities to steal the trade secrets of foreign companies on behalf of — or give intelligence we collect to — U.S. companies to enhance their international competitiveness or increase their bottom line.”

The Times noted parts of the program have been disclosed in documents leaked by ex-NSA contractor Edward Snowden; there have also been reports in a Dutch newspaper and the German magazine Der Spiegel, which published the NSA’s catalogue of high-tech super-spy hardware products.

The bombshell report comes as U.S. lawmakers are demanding, as part of a spending agreement, that the NSA turn over data about the collection of bulk phone records, including how many Americans had calls intercepted by the agency.

A $1.1 trillion bill unveiled Monday to fund the federal government through Sept. 30 would require the NSA to provide Congress with unclassified reports detailing how it collects and uses metadata, which refers to phone records, e-mails and other electronic communications.
If the bill is signed into law, it would represent the first measure from Congress requiring the NSA to provide details about spying programs exposed since June by Snowden.

President Obama on Jan. 17 plans to announce his decision on whether to alter spy programs, which could include requiring phone companies to retain phone records for the government.

The U.S. National Security Agency has put software in almost 100,000 computers around the world allowing it to carry out surveillance on those devices and could provide a digital highway for cyberattacks, the New York Times reported on Tuesday.The NSA has planted most of...